Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/JAOLNFyK5zNQHx2Db-jq8rHvXWo.roa
File: JAOLNFyK5zNQHx2Db-jq8rHvXWo.roa (raw, json)
Hash identifier: x4l1sDgAZvEeg6zzVdnkfMVXnr/eJCKxIHYJa7Hy8C8=
Subject key identifier: 24:03:8B:34:5C:8A:E7:33:50:1F:1D:83:6F:E8:EA:F2:B1:EF:5D:6A
Certificate issuer: /CN=81a2d0dcd50a682f975ea3d8c38e5e67bb0322f9
Certificate serial: 0189DDC7F3F3D9BC8A2F680525B5D64F6F5E
Authority key identifier: 81:A2:D0:DC:D5:0A:68:2F:97:5E:A3:D8:C3:8E:5E:67:BB:03:22:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/JAOLNFyK5zNQHx2Db-jq8rHvXWo.roa
Signing time: Thu 10 Aug 2023 04:50:16 +0000
ROA not before: Thu 10 Aug 2023 04:50:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213176
IP address blocks: 212.59.64.0/24 maxlen: 24
212.59.70.0/24 maxlen: 24
212.59.66.0/24 maxlen: 24
212.59.65.0/24 maxlen: 24
212.59.67.0/24 maxlen: 24
212.59.69.0/24 maxlen: 24
212.59.68.0/24 maxlen: 24
209.35.224.0/24 maxlen: 24
209.35.226.0/24 maxlen: 24
209.35.225.0/24 maxlen: 24
209.35.227.0/24 maxlen: 24
209.35.229.0/24 maxlen: 24
209.35.228.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 01 Oct 2023 10:28:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:dd:c7:f3:f3:d9:bc:8a:2f:68:05:25:b5:d6:4f:6f:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81a2d0dcd50a682f975ea3d8c38e5e67bb0322f9
Validity
Not Before: Aug 10 04:50:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=24038b345c8ae733501f1d836fe8eaf2b1ef5d6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:5d:35:0c:cd:5c:ed:ea:bf:3b:bd:aa:73:5a:
7f:59:1b:f8:64:d4:43:f5:26:7e:b0:b7:cb:6f:06:
98:f0:79:b9:e1:03:1d:ab:c0:b2:5e:ec:68:53:e4:
a6:72:00:10:c1:29:44:f3:c0:f5:cf:89:61:91:d1:
5c:f4:49:c1:14:34:3e:6d:65:02:28:9d:5b:02:a0:
b1:fc:7c:64:66:4a:fe:e5:21:6b:ba:9e:eb:88:ea:
70:f6:1d:1f:89:22:d3:4c:eb:fb:8b:7c:28:48:15:
76:b2:b3:51:36:cf:70:eb:77:22:2e:bc:24:18:7d:
f9:86:96:c8:1d:3a:f4:db:22:c9:d9:96:44:db:e8:
b0:7a:61:08:fb:a0:e4:f0:49:60:15:bb:48:78:a0:
d7:8a:3d:37:ed:32:19:f8:86:84:01:77:3b:2c:b9:
af:9d:1f:2f:20:77:b1:51:04:f9:1d:30:00:96:84:
21:17:ea:ac:ee:31:9b:aa:ca:28:6c:b5:5a:e5:2a:
12:5b:72:ac:d7:83:01:4b:8f:3b:14:98:eb:79:bf:
b1:36:67:f6:d7:cc:ed:45:b7:02:13:60:f2:9a:6c:
6b:1c:5b:f7:53:69:f2:44:ef:c9:08:eb:54:e7:b6:
7b:14:f4:00:e6:55:61:ee:95:ca:22:8d:46:88:43:
73:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:03:8B:34:5C:8A:E7:33:50:1F:1D:83:6F:E8:EA:F2:B1:EF:5D:6A
X509v3 Authority Key Identifier:
keyid:81:A2:D0:DC:D5:0A:68:2F:97:5E:A3:D8:C3:8E:5E:67:BB:03:22:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/JAOLNFyK5zNQHx2Db-jq8rHvXWo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
209.35.224.0-209.35.229.255
212.59.64.0-212.59.70.255
Signature Algorithm: sha256WithRSAEncryption
58:8a:c1:83:6d:e2:7c:14:84:24:c8:49:78:08:eb:f9:91:72:
92:9f:85:a0:1e:4c:7d:62:dd:5b:25:c5:06:63:dd:a6:4b:45:
0a:37:38:20:ae:8b:04:f0:f2:2e:6d:db:6e:b1:37:c4:58:ac:
92:34:3a:6e:a8:4e:a6:81:cd:55:54:f4:d7:dc:12:ee:65:58:
28:68:76:1c:ca:39:b8:7c:1b:62:ec:67:35:83:f6:16:13:1f:
4b:ff:8e:51:ce:f3:ac:63:c2:db:52:3c:c9:3a:0d:f7:54:ca:
d0:73:43:db:04:99:24:69:10:c3:f8:0b:ec:80:cc:db:fa:6d:
46:ca:7e:b5:e9:85:2b:85:a0:67:f6:ef:c3:40:e7:96:e2:21:
07:64:d1:fd:a6:04:56:cc:f6:e6:eb:12:9e:18:e4:18:da:44:
dd:34:e6:45:66:78:8d:ae:27:24:92:48:4d:48:82:26:12:87:
7e:20:fa:54:52:d0:9a:cc:13:83:0f:b0:80:f3:b1:9a:cb:f5:
6b:a3:eb:48:21:6c:c5:f1:e2:db:24:8f:d8:98:4b:48:52:56:
75:41:c3:28:4c:fd:2b:ee:67:2a:41:3e:81:66:13:53:76:2e:
54:d5:19:b6:e4:74:f2:98:6c:39:a6:bc:8b:13:1a:9b:a6:da:
40:02:45:72
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYndx/Pz2byKL2gFJbXWT29eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYTJkMGRjZDUwYTY4MmY5NzVlYTNkOGMzOGU1ZTY3YmIw
MzIyZjkwHhcNMjMwODEwMDQ1MDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDAzOGIzNDVjOGFlNzMzNTAxZjFkODM2ZmU4ZWFmMmIxZWY1ZDZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtF01DM1c7eq/O72qc1p/WRv4ZNRD
9SZ+sLfLbwaY8Hm54QMdq8CyXuxoU+SmcgAQwSlE88D1z4lhkdFc9EnBFDQ+bWUC
KJ1bAqCx/HxkZkr+5SFrup7riOpw9h0fiSLTTOv7i3woSBV2srNRNs9w63ciLrwk
GH35hpbIHTr02yLJ2ZZE2+iwemEI+6Dk8ElgFbtIeKDXij037TIZ+IaEAXc7LLmv
nR8vIHexUQT5HTAAloQhF+qs7jGbqsoobLVa5SoSW3Ks14MBS487FJjreb+xNmf2
18ztRbcCE2DymmxrHFv3U2nyRO/JCOtU57Z7FPQA5lVh7pXKIo1GiENzDQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFCQDizRciuczUB8dg2/o6vKx711qMB8GA1UdIwQY
MBaAFIGi0NzVCmgvl16j2MOOXme7AyL5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2FMUTNOVUthQy1YWHFQWXc0NWVaN3NESXZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9kMjVhNzItYmJlMy00YWIwLTk1NjQt
ZmU0NWQ1MTYwYzM5LzEvSkFPTE5GeUs1ek5RSHgyRGItanE4ckh2WFdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9kMjVhNzItYmJlMy00YWIwLTk1NjQtZmU0NWQ1MTYwYzM5
LzEvZ2FMUTNOVUthQy1YWHFQWXc0NWVaN3NESXZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAXRI+AD
BAHRI+QwDAMEBtQ7QAMEANQ7RjANBgkqhkiG9w0BAQsFAAOCAQEAWIrBg23ifBSE
JMhJeAjr+ZFykp+FoB5MfWLdWyXFBmPdpktFCjc4IK6LBPDyLm3bbrE3xFiskjQ6
bqhOpoHNVVT019wS7mVYKGh2HMo5uHwbYuxnNYP2FhMfS/+OUc7zrGPC21I8yToN
91TK0HND2wSZJGkQw/gL7IDM2/ptRsp+temFK4WgZ/bvw0DnluIhB2TR/aYEVsz2
5usSnhjkGNpE3TTmRWZ4ja4nJJJITUiCJhKHfiD6VFLQmswTgw+wgPOxmsv1a6Pr
SCFsxfHi2ySP2JhLSFJWdUHDKEz9K+5nKkE+gWYTU3YuVNUZtuR08phsOaa8ixMa
m6baQAJFcg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:11 2024 by rpki-client on console-ams.rpki-client.org